Details

Updated cups packages that fix two security issues are now available forRed Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System (CVSS) basescores, which give detailed severity ratings, are available for eachvulnerability from the CVE links in the References section.

A use-after-free flaw was found in the way the CUPS server parsed InternetPrinting Protocol (IPP) packets. A malicious user able to send IPP requeststo the CUPS server could use this flaw to crash the CUPS server or,potentially, execute arbitrary code with the privileges of the CUPS server.(CVE-2010-2941)

A possible privilege escalation flaw was found in CUPS. An unprivilegedprocess running as the "lp" user (such as a compromised external filterprogram spawned by the CUPS server) could trick the CUPS server intooverwriting arbitrary files as the root user. (CVE-2010-2431)

Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency forreporting the CVE-2010-2941 issue.

Users of cups are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. After installing thisupdate, the cupsd daemon will be restarted automatically.

Solution

Before applying this update, make sure all previously-released erratarelevant to your system have been applied.